我在一台 Linux 机器上设置了dnsmasq一个简单的基于 NAT 的路由器。内部机器被分配了一个 IP,并且可以访问互联网除了DNS 查询未得到解决。
路由器机器的内部地址是10.42.0.1。其中一个客户端被分配了10.42.0.101。
在客户端计算机上:
user@client:~$ dig google.com @10.42.0.1
...
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 18466
...
Wireshark 确认查询已被 10.42.0.1 接收,并立即通过 DNS 响应拒绝。
内容/etc/dnsmasq.d/nat-clients
(MAC 地址已匿名化)
bind-interfaces
no-hosts
strict-order
except-interface=lo
listen-address=10.42.0.1
dhcp-range=10.42.0.10,10.42.0.100,12h
dhcp-option=option:router,10.42.0.1
dhcp-host=00:11:22:33:44:55,billy,10.42.0.101
dhcp-host=55:66:77:88:99:00,sally,10.42.0.102
此外,/etc/dnsmasq.conf仅是评论。
/etc/resolv.conf路由器上的内容
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.0.0.5
nameserver 10.0.0.6
search domain.company.com
/etc/resolv.conf客户端上的内容
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.42.0.1
dnsmasq我是否缺少允许转发/解析客户端 DNS 查询的配置指令?